Home / Blogs

Buying Open Source… It's a Different Ecosystem

A lot of organizations are interested in open source software, but fail to give it a fair chance compared to proprietary solutions. One reason for this is that the typical invitation to tender process puts open source at a disadvantage. Open source, as it happens, is made in a different ecosystem.

The software acquisition process often focuses on licenses, and this is where the first mistakes are made. Recently a (Dutch) municipality burned its fingers because they asked directly for Microsoft licenses in an invitation to tender. It is also common that organizations ask for experience with licenses that represent a certain turnover. But how many vendors have ever earned money on licenses of open source? None. So who has the money to respond to such invitations to tender? Nobody!

Beyond licenses, an organization wants software support because this guarantees the continued useful deployment of this software. For proprietary software it is necessary that their vendors provide long term support, because no one else provides the software. The management of this risk demands that you ask the relevant vendor for guarantees. Even then, this is not always sufficient. For example, organizations that still run on Siebel or IBM OS/2 still have a problem.

Open source does not have such vendors (yet), and demanding long term support will then put open source at a disadvantage and actually tries to solve a problem that does not exist. If you want to change support vendors for open source software somewhere during the software lifecycle you just do it. Mature risk management of open source will lead to more important questions. For example: is there a good and functioning community of supporters, and will it continue to be so in the future? We then find that there are large differences between the various Linux distributions, for example, with regards to the size of reference implementations and the speed with which security issues are patched. Different ecosystems, different risks, they ask for different risk control measures.

By Peter HJ van Eijk, Cloud Computing Coach, Author and Speaker – Peter HJ van Eijk is one of the world's most experienced independent cloud trainers. His website can be visited here. Visit Page

    CircleID Newsletter The Weekly Wrap

    More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

    I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

    VINTON CERF
    Co-designer of the TCP/IP Protocols & the Architecture of the Internet

    Comments

     Be the first to post a comment!

    Add Your Comments

     To post your comments, please login or create an account.

    Related

    Topics

    New TLDs

    Sponsored byAfilias

    DNS Security

    Sponsored byAfilias

    Cybersecurity

    Sponsored byVerisign

    Whois

    Sponsored byWhoisXML API

    Brand Protection

    Sponsored byAppdetex

    Cybercrime

    Sponsored byThreat Intelligence Platform

    Domain Names

    Sponsored byVerisign